Do I need Kerberos, LDAP and SASL for a desktop?

Alberto Hernando pajaro.go at
Mon Dec 11 14:31:57 PST 2006

El Lunes, 11 de Diciembre de 2006 22:57, Jerzy Goca escribió:
> At first I decided that I do not need Kerberos, LDAP and SASL, because
> my system should be a desktop not a server.
> I installed of course PAM, Shadow and Cracklib (Cracklib more for fun
> than for really need). I thought that Kerberos, LDAP and SASL are rather
> for servers and I will never need them.
> Second thought came while compiling KDE. It complained at the
> configuration stage that not having these components will make KDE lack
> much of the network functionality. This stopped me (I installed only
> core of the KDE - I am thinking about reinstallation) and made me to
> conduct some additional research to reconsider installing these packages.
> After some googling I am still all in doubts.
> Most descriptions are about servers and very serious security concerns.
> I think I do not need them.
> But in most distributions you get Kerberos together with basic graphical
> desktop environment.
> I think I need probably only libraries for client applications.
> Now I think I should install SASL - but not Kerberos. I think I also do
> not need LDAP.
> Can anyone tell me in few words what I really miss without these packages?


I'm not an advanced (b)lfs user, so I don't know very well what to say here, 
because I don't know much about the packages you are speaking about. Instead, 
I'll answer in another way. First, if you wonder if you need it or not, you 
probably don't need it. It's like many descriptions while configuring the 
kernel. "This is blah, blah, blah. If you don't know what I'm talking about, 
the safest is N". This is surely the same here. I think your approach is 
wrong. You don't have to say "do I need this?". I'd better say "does my 
system do all what I want?". If this answer is yes, then you already have all 
what you need. This is how I build my system. I wanted only a graphical 
environment, a browser, mail, and little else. Then perhaps I wanted another 
thing. Then I go and install it. But there are little things that can be 
there and I find unuseful. Of course perhaps I'm losing functionality. Should 
I install openexr because kderaphics say so-and-so? Well, I've never had such 
a file. So I don't install it. But if I ever need it, I know what to do.
Second, you say that most distros include kerberos, so perhaps you should 
too... Well, in my opinion, you are losing the point of LFS. Remember, your 
distro, your rules (is this slogan still there?). Debian, Redhat, Suse, etc, 
are done for a large variety of users. They need to include many things, so 
that the user can choose, but its defaults may be a bit too much in some 
cases. That's why my debian can take more than 1 minute to boot and my lfs is 
up in about 20 seconds. If you are going to finish with a bloated system no 
matter what, then... why lfs? In my opinion, lfs can be a lot of pain. I need 
some compensation.
Well, this is what I think. Ah, you were talking about security packages and 
you still don't know if you need them? Well... how paranoic are you?


More information about the blfs-support mailing list